winem
commented
3 years ago ~Hi, can you please provide more info about your setup? I just tried this and it looks like OpenSSL 1.1.1 which is the current latest on Ubuntu 18 and 20 creates the SAN automatically. It's set to the CN unless specified otherwise.~
~I'll also test it on CentOS / RHEL later but it would be helpful to know the OS and openssl version you're using in the environment where you miss the SAN.~
~Thanks!~
This was an issue with the Mozilla Certificate Viewer. Using the openssl utility to inspect the certificates has confirmed the issue. I'll provide a PR to address this.
Hi,
For quite a some time Chrome browser does not accept to connect to sites with cert without subject alternative name extension.: https://eengstrom.github.io/musings/self-signed-tls-certs-v.-chrome-on-macos-catalina